poniedziałek, 10 kwietnia 2017

SeniorITy Code powered by Sii - Embedded

Two weeks ago I participated in meeting where shortly were preseted different security aspects of the embedded systems.

First talk was a introducion into C++11 for beginners. Next two were about safety and security of embeddes systems. Part about safety was focused on developing standards for increase of a quality of the final system (eg. restrictions in memory management).

Last part was the most interesting in my opinion. Many methods of systems analysis were metioned - including copying of the architecture techniques. It is a real problem when it is that simple to reconstruct the net list from photos of a circuit using tools like degate. To watch how the device is working there are methods called side channel attacks. Attacker can observe properties such as power usage, processing time, temperature or electro magnetic emissions to get knowledge about computations inside a chip. Other kind of attacks are state modifications. Using laser beam it is possible to change memory registers (but not single bit) which can be used to introduce changes in the code execution. Other methods are: overheating what leads to skiping instructions in some processors or changing voltage level to change signal interpretation (high/low state).